The Chinese government hacking group seen targeting European governments and non-governmental organizations in early March may also have been going after Russian government targets, researchers with Secureworks Counter Threat Unit reported Wednesday. The findings add new details to multiple threat intelligence reports in early March highlighting the concerted efforts of Chinese-linked hacking groups to target European diplomatic entities and NGOs.
Coca-Cola has launched an investigation after a cybercrime group claimed to have breached the company's systems, but the hackers' previous claims have been called into question. The beverage giant said it has notified law enforcement and is trying to "determine the validity of the claim." The hacker group, named Stormous, claims to have stolen more than 161 Gb of data from Coca-Cola, offering to sell it for $65,000 or 1.6 bitcoin.
The American Dental Association (ADA) was hit by a weekend cyberattack, causing it to shut down portions of its network while investigating the attack. The ADA is a dentist and oral hygiene advocacy association providing training, workshops, and courses to its 175,000 members. Many people living in the USA will likely recognize the ADA Accepted seal on oral hygiene products, such as toothpaste and toothbrushes, indicating that the product is safe and contributes to oral health.
The Emotet botnet is now using Windows shortcut files (.LNK) containing PowerShell commands to infect victims' computers, moving away from Microsoft Office macros that are now disabled by default. The use of .LNK files is not new, as the Emotet gang previously used them in combination with Visual Basic Script (VBS) code to build a command that downloads the payload. However, this is the first time that they have used Windows shortcuts to directly execute PowerShell commands.
Tesla and SpaceX billionaire Elon Musk struck a deal to buy Twitter for $44 billion on Monday and he's already rolled out a to-do list for big changes at the company. One of the more novel suggestions he has put forward is making Twitter's algorithms available for public scrutiny. Sharing the code for Twitter's algorithms doesn't pose nearly the same risk as pulling open the hood on the company's entire technical infrastructure.
Four months after the discovery of the zero-day Log4Shell critical flaw, millions of Java applications still remain vulnerable to compromise, researchers have found. Researchers at security firm Rezilion analyzed the current potential attack surface for the vulnerability in the popular open-source Apache Struts framework that threatened to break the internet when it was discovered in December.